Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/7a7871-08f3-4757-a9f0-bf1c5cc36b66/1/cliAqhrzHNoeZFuSPSEb0KIDqXs.roa
File: cliAqhrzHNoeZFuSPSEb0KIDqXs.roa (raw, json)
Hash identifier: J1g5njRN9c7kQnS21utdf0j3ePBsNYZAYFK179Mk0HI=
Subject key identifier: 72:58:80:AA:1A:F3:1C:DA:1E:64:5B:92:3D:21:1B:D0:A2:03:A9:7B
Certificate issuer: /CN=7df7cfd6c8826a67f642a373d131955308d9c1ca
Certificate serial: 018CC5DC628AB69243B77A4AF4C0BFD4BF65
Authority key identifier: 7D:F7:CF:D6:C8:82:6A:67:F6:42:A3:73:D1:31:95:53:08:D9:C1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fffP1siCamf2QqNz0TGVUwjZwco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/7a7871-08f3-4757-a9f0-bf1c5cc36b66/1/cliAqhrzHNoeZFuSPSEb0KIDqXs.roa
Signing time: Mon 01 Jan 2024 16:30:03 +0000
ROA not before: Mon 01 Jan 2024 16:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205654
IP address blocks: 195.234.95.0/24 maxlen: 24
185.211.20.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 Feb 2024 11:19:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:62:8a:b6:92:43:b7:7a:4a:f4:c0:bf:d4:bf:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df7cfd6c8826a67f642a373d131955308d9c1ca
Validity
Not Before: Jan 1 16:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=725880aa1af31cda1e645b923d211bd0a203a97b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:cc:f8:ed:13:8b:f9:ce:36:95:b6:60:6d:0e:
de:82:db:6d:15:1d:7a:8e:f2:eb:89:9c:a8:18:1d:
2f:1c:ce:77:e9:51:ac:85:9f:31:4b:3e:c4:91:1b:
ad:ea:82:6c:62:b7:85:15:08:c9:bc:6c:f6:f4:f1:
85:93:8f:85:31:f5:0c:75:d9:5b:b3:1b:82:44:37:
02:fd:78:f4:f4:48:35:65:96:cf:e8:72:13:94:22:
1b:8f:56:9c:9c:5d:29:98:c0:1a:76:89:79:53:cb:
bb:12:00:33:f5:40:c3:f9:c3:06:cd:9d:2a:2a:f0:
1d:e5:a0:2d:af:aa:e3:c5:0f:1a:64:ba:05:b9:6d:
ad:8c:03:c1:02:c8:44:59:50:3a:08:0d:8c:24:57:
67:6b:b7:01:86:5b:20:2a:87:5b:92:94:3c:93:15:
5e:15:ff:15:54:85:d6:91:22:9f:00:86:cc:3e:fb:
2a:fc:07:0d:e8:4e:e9:a8:a3:b0:91:7e:1f:7a:75:
44:dc:4d:7a:77:bc:e0:39:ad:ec:80:7d:06:68:78:
81:46:fe:6a:f1:75:05:ac:01:f6:55:0c:e2:da:8e:
25:59:4d:51:16:60:d1:51:fa:e5:e2:d0:0b:40:95:
e2:82:12:c9:2d:63:60:38:2d:20:c8:68:a7:2e:4f:
f7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:58:80:AA:1A:F3:1C:DA:1E:64:5B:92:3D:21:1B:D0:A2:03:A9:7B
X509v3 Authority Key Identifier:
keyid:7D:F7:CF:D6:C8:82:6A:67:F6:42:A3:73:D1:31:95:53:08:D9:C1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fffP1siCamf2QqNz0TGVUwjZwco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/7a7871-08f3-4757-a9f0-bf1c5cc36b66/1/cliAqhrzHNoeZFuSPSEb0KIDqXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/7a7871-08f3-4757-a9f0-bf1c5cc36b66/1/fffP1siCamf2QqNz0TGVUwjZwco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.20.0/22
195.234.95.0/24
Signature Algorithm: sha256WithRSAEncryption
56:3e:9a:e1:3a:ae:b3:31:0d:85:d4:4b:58:43:78:03:e8:77:
ee:39:8b:ce:00:c3:29:d3:a7:15:93:9f:22:30:54:59:a7:68:
63:4c:f9:80:28:4c:29:1c:e7:1e:b5:34:69:ba:f7:c2:11:57:
c9:bd:6b:4a:0f:13:f3:ac:fb:50:be:11:a1:35:09:4d:ed:a9:
c1:f9:6d:b2:78:62:1d:1c:54:43:9b:4c:1c:72:66:75:db:f8:
04:32:f5:8d:ef:6e:f3:23:a2:06:f5:5c:20:59:ff:e5:e1:a7:
4c:12:b3:2d:e9:f9:15:4f:d5:58:e6:29:df:6d:68:b6:c0:2b:
ee:9d:e5:3d:75:45:a9:98:71:1f:e5:68:be:be:d5:b0:0c:88:
bc:2c:ba:12:f4:48:29:85:17:14:43:ed:9c:ec:46:11:a0:e2:
08:ac:e8:2f:db:f2:89:18:70:e3:b4:23:20:91:8a:ad:32:99:
de:34:20:b7:9b:50:e5:06:57:13:a1:1d:6b:4a:e6:19:8d:d1:
17:71:0c:ba:84:b3:05:41:8b:3b:22:11:12:98:ad:3a:9f:f5:
7e:6d:38:2a:9a:dd:da:78:ec:ae:eb:21:20:48:b8:ae:47:71:
e0:12:b8:68:e8:1e:a5:b4:c2:9b:ec:4f:d5:14:8c:eb:9d:63:
fe:b8:dd:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3GKKtpJDt3pK9MC/1L9lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjdjZmQ2Yzg4MjZhNjdmNjQyYTM3M2QxMzE5NTUzMDhk
OWMxY2EwHhcNMjQwMTAxMTYzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjU4ODBhYTFhZjMxY2RhMWU2NDViOTIzZDIxMWJkMGEyMDNhOTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncz47ROL+c42lbZgbQ7egtttFR16
jvLriZyoGB0vHM536VGshZ8xSz7EkRut6oJsYreFFQjJvGz29PGFk4+FMfUMddlb
sxuCRDcC/Xj09Eg1ZZbP6HITlCIbj1acnF0pmMAadol5U8u7EgAz9UDD+cMGzZ0q
KvAd5aAtr6rjxQ8aZLoFuW2tjAPBAshEWVA6CA2MJFdna7cBhlsgKodbkpQ8kxVe
Ff8VVIXWkSKfAIbMPvsq/AcN6E7pqKOwkX4fenVE3E16d7zgOa3sgH0GaHiBRv5q
8XUFrAH2VQzi2o4lWU1RFmDRUfrl4tALQJXighLJLWNgOC0gyGinLk/3eQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHJYgKoa8xzaHmRbkj0hG9CiA6l7MB8GA1UdIwQY
MBaAFH33z9bIgmpn9kKjc9ExlVMI2cHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZmUDFzaUNhbWYyUXFOejBUR1ZVd2pad2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi83YTc4NzEtMDhmMy00NzU3LWE5ZjAt
YmYxYzVjYzM2YjY2LzEvY2xpQXFocnpITm9lWkZ1U1BTRWIwS0lEcVhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi83YTc4NzEtMDhmMy00NzU3LWE5ZjAtYmYxYzVjYzM2YjY2
LzEvZmZmUDFzaUNhbWYyUXFOejBUR1ZVd2pad2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCudMUAwQA
w+pfMA0GCSqGSIb3DQEBCwUAA4IBAQBWPprhOq6zMQ2F1EtYQ3gD6HfuOYvOAMMp
06cVk58iMFRZp2hjTPmAKEwpHOcetTRpuvfCEVfJvWtKDxPzrPtQvhGhNQlN7anB
+W2yeGIdHFRDm0wccmZ12/gEMvWN727zI6IG9VwgWf/l4adMErMt6fkVT9VY5inf
bWi2wCvuneU9dUWpmHEf5Wi+vtWwDIi8LLoS9EgphRcUQ+2c7EYRoOIIrOgv2/KJ
GHDjtCMgkYqtMpneNCC3m1DlBlcToR1rSuYZjdEXcQy6hLMFQYs7IhESmK06n/V+
bTgqmt3aeOyu6yEgSLiuR3HgErho6B6ltMKb7E/VFIzrnWP+uN1I
-----END CERTIFICATE-----
Generated at Tue Feb 27 00:58:43 2024 by rpki-client on console.sobornost.net